summaryrefslogtreecommitdiff
path: root/eaaf_core/src
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_core/src')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java48
1 files changed, 31 insertions, 17 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
index f1811022..d0ee8f5c 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
@@ -22,8 +22,9 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.builder;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.util.ArrayList;
import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
@@ -72,9 +73,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
public static final String CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING =
"configuration.bugfix.enable.idl.escaping";
- protected Collection<String> includedToGenericAuthData = null;
@Autowired
protected IConfigurationWithSP basicConfig;
+
+ protected ThreadLocal<Set<String>> includedToGenericAuthData = null;
+
@Override
public IAuthData buildAuthenticationData(final IRequest pendingReq)
@@ -137,7 +140,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
*/
protected abstract void buildServiceSpecificAuthenticationData(IAuthData authData,
IRequest pendingReq) throws EaafException;
-
+
/**
* Add generic E-ID information into already existing AuthData.
*
@@ -169,7 +172,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
// includedToGenericAuthData =
// authProcessData.getGenericSessionDataStorage().keySet();
// else
- includedToGenericAuthData = new ArrayList<>();
+ initializeThreadLocalVariable(new HashSet<>());
// ####################################################
// set general authData info's
@@ -219,6 +222,17 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
}
/**
+ * Initialize Thread-Local holder for generic attributes set in authenticated session.
+ *
+ * @param set {@link Collection} of generic attribute-names
+ */
+ protected void initializeThreadLocalVariable(Set<String> set) {
+ includedToGenericAuthData = new ThreadLocal<Set<String>>();
+ includedToGenericAuthData.set(set);
+
+ }
+
+ /**
* Parse citzen country-code into AuthData.
*
* @param authData Current authentication data
@@ -228,7 +242,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
*/
private void setCitizenCountryCode(final AuthenticationData authData,
final IAuthProcessDataContainer authProcessData) throws EaafAuthenticationException {
- includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME);
final String pvpCccAttr = authProcessData
.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class);
if (StringUtils.isNotEmpty(pvpCccAttr)) {
@@ -261,7 +275,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
*/
private void setQaaLevel(@NonNull final AuthenticationData authData,
@NonNull final IAuthProcessDataContainer authProcessData) {
- includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME);
String currentLoA = null;
if (StringUtils.isNotEmpty(authProcessData.getQaaLevel())) {
currentLoA = authProcessData.getQaaLevel();
@@ -327,9 +341,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
if (authProcessData.getGenericSessionDataStorage() != null
&& !authProcessData.getGenericSessionDataStorage().isEmpty()) {
- includedToGenericAuthData = authProcessData.getGenericSessionDataStorage().keySet();
+ initializeThreadLocalVariable(authProcessData.getGenericSessionDataStorage().keySet());
} else {
- includedToGenericAuthData = new ArrayList<>();
+ initializeThreadLocalVariable(new HashSet<>());
}
// ####################################################
@@ -344,7 +358,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
IIdentityLink idlFromPvpAttr = null;
final IIdentityLink identityLink = authProcessData.getIdentityLink();
if (identityLink != null) {
- parseBasicUserInfosFromIdl(authData, identityLink, includedToGenericAuthData);
+ parseBasicUserInfosFromIdl(authData, identityLink, includedToGenericAuthData.get());
} else {
// identityLink is not direct in MOASession
@@ -358,7 +372,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
try {
idlStream = new ByteArrayInputStream(Base64Utils.decodeFromString(pvpAttrIdl));
idlFromPvpAttr = new SimpleIdentityLinkAssertionParser(idlStream).parseIdentityLink();
- parseBasicUserInfosFromIdl(authData, idlFromPvpAttr, includedToGenericAuthData);
+ parseBasicUserInfosFromIdl(authData, idlFromPvpAttr, includedToGenericAuthData.get());
// set identitylink into AuthProcessData
authProcessData.setIdentityLink(idlFromPvpAttr);
@@ -371,7 +385,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
} finally {
try {
- includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME);
if (idlStream != null) {
idlStream.close();
}
@@ -399,11 +413,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class));
// remove corresponding keys from genericSessionData if exists
- includedToGenericAuthData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME);
- includedToGenericAuthData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME);
- includedToGenericAuthData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME);
- includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME);
- includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.GIVEN_NAME_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.BIRTHDATE_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME);
+ includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME);
}
}
@@ -621,7 +635,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
*/
@Deprecated
private void parseBasicUserInfosFromIdl(final AuthenticationData authData,
- final IIdentityLink identityLink, final Collection<String> includedGenericSessionData) {
+ final IIdentityLink identityLink, final Set<String> includedGenericSessionData) {
authData.setIdentificationValue(identityLink.getIdentificationValue());
authData.setIdentificationType(identityLink.getIdentificationType());
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-27 04:54:45 +0000